Read the discussion here:
https://www.reddit.com/r/Piracy/comments/43itah/is_kmspico_windows_activator_safe/Windows Defender will alert in defense of DRM legislation. The software is being frowned upon because of DRM issues etc. Do not use illegit softwares/torrenting. Better safe then sorry.
Then there are issues to suppose the website coders there aren't top class either:
I checked the download site for all of ye and the results are certainly not encouriging.
The Comodo cert. seems properly installed, but issue here with a jQuery library:
http://retire.insecurity.today/#!/scan/47c0ee465ba5734572118d1246d5abb3991d645330bd18416d7598c8275322c3A meagre F-status here:
https://observatory.mozilla.org/analyze.html?host=www.kmspico4u.comand recommendations, no HSTS and more missing.
Site was made with Word Press CMS, and there the real CMS tragedy starts.
Word Press version outdated: 4.7.5
Outdated plug-ins:
WordPress Plugins
The following plugins were detected by reading the HTML source of the WordPress sites front page.
si-captcha-for-wordpress 3.0.0.16 latest release (3.0.0.20) Update required
https://wordpress.org/plugins/si-captcha-for-wordpress/contact-form-7 4.7 latest release (4.
Update required
https://contactform7.com/Warning User Enumeration is possible
The first two user ID's were tested to determine if user enumeration is possible.
ID User Login
1 riponzm21 riponzm21
2 Arshad Khan kmspico
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. However it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.
Warning Directory Indexing Enabled
In the test we attempted to list the directory contents of the uploads and plugins folders to determine if Directory Indexing is enabled. This is an information leakage vulnerability that can reveal sensitive information regarding your site configuration or content.
/wp-content/uploads/ enabled
B-Status:
https://sritest.io/#report/e83f22fc-30c6-4bea-84e6-751e279fd3a1polonus (volunteer website security analyst and website error-hunter)